Hummer: An unexpected aspect of the rootkit


As you know, there are a great many cyber threats, all of them harmful in different ways. Financial malware is the most tangible for “end users” (if victims can be called that). First, it directly “picks pockets”; second, banks are affected by it too, not just their customers. But should we pay less attention to other kinds of malware? We believe we must not.

For example, the Hummer Trojan has been in the headlines quite often recently. It has nothing in common with financial malware: Hummer’s authors make money by installing unwanted applications and displaying ads. So where is the danger for banks?

The key danger is the method Hummer uses to achieve its goals. It roots the device and gains administrator privileges so that it can install unauthorized software at its own discretion. It thus gets unlimited access to the operating system, with the opportunity to bypass additional security measures, replace legitimate applications with fake ones, and make malicious changes to installed programs. All of this happens entirely without the user’s knowledge.

The situation is complicated by the fact that Hummer has many ways of rooting a device and is very hard to get rid of. It is also not easy to detect if it infected the mobile device before a security solution was installed. A rooted phone becomes vulnerable to multiple threats, not necessarily directly related to the Hummer Trojan, and attackers would surely take advantage of this vulnerability, including in attempts to access users’ bank accounts.

Of course, our solutions successfully detect and prevent infection attempts by the various modifications of this Trojan, provided they are installed on the client’s mobile device. But banks would do better to act themselves and protect their own mobile apps with Kaspersky Lab’s technologies. The Kaspersky Fraud Prevention for Mobile solution provides any banking application with a broad set of protection mechanisms that prevent the loss of funds even if Hummer has already rooted the device. First, KFP reveals installations of strange unwanted programs; second, it notifies the bank’s security system about a user with an infected device.

More details on Kaspersky Fraud Prevention here.
